<!DOCTYPE html>
<html class="no-js" lang="zh-CN">
<head>
	<meta charset="UTF-8">
	<meta name="viewport" content="width=device-width, initial-scale=1">
	<meta http-equiv="X-UA-Compatible" content="IE=edge">
	<title>linux用户相关基础 - home</title>
	<script>(function(d,e){d[e]=d[e].replace("no-js","js");})(document.documentElement,"className");</script>
	<meta name="description" content="">
	<meta name="generator" content="Hugo 0.54.0" />
	<meta property="og:title" content="linux用户相关基础" />
<meta property="og:description" content="相关命令  useradd 添加用户 usermod 修改用户 userdel 删除用户 passwd 修改用户密码 groupadd 添加用户组 groupmod 更改用户组 groupdel 删除用户组 chmod 改变文件的权限, SUID, SGID, SBIT等等的特性 chgrp 改变文件所属群组 chown 改变文件拥有者 groups 查看自己在什么群组 newgrp 切换群组  准备  用docker起一个ssh服务端 docker run -d --name ssh-server -p 2020:22 jdeathe/centos-ssh:centos-7 进入容器修改为允许使用用户名密码登录
# 进入容器 docker exec -ti ssh-server-1 bash # 修改配置 vi /etc/ssh/sshd_config # 将PasswordAuthentication的no改为yes # 查看sshd线程 ps aux | grep sshd # 刷新修改，即可用默认用户名跟密码登录 kill -1 ${pid}  通过docker logs ssh-server可以查看到, 默认用户名密码" />
<meta property="og:type" content="article" />
<meta property="og:url" content="/post/2018-09-23-linux%E7%94%A8%E6%88%B7%E7%9B%B8%E5%85%B3%E5%9F%BA%E7%A1%80/" />
<meta property="article:published_time" content="2018-09-21T00:00:00&#43;00:00"/>
<meta property="article:modified_time" content="2018-09-21T00:00:00&#43;00:00"/>

	
	<link rel="dns-prefetch" href="//fonts.googleapis.com">
	<link rel="dns-prefetch" href="//fonts.gstatic.com">
	<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700">
	<link rel="stylesheet" href="/css/style.css">
	<link rel="stylesheet" href="/css/custom.css">
	<link rel="shortcut icon" href="/favicon.ico">
		
</head>
<body class="body">
	<div class="container container--outer">
		<header class="header">
	<div class="container">
		<div class="logo">
			<a class="logo__link" href="/" title="home" rel="home">
				<div class="logo__title">home</div>
				
			</a>
		</div>
		
<nav class="menu">
	<button class="menu__btn" aria-haspopup="true" aria-expanded="false" tabindex="0">
		<span class="menu__btn-title" tabindex="-1">Menu</span>
	</button>
	<ul class="menu__list">
		<li class="menu__item">
			<a class="menu__link" href="/about/">about</a>
		</li>
		<li class="menu__item">
			<a class="menu__link" href="/post/2020-05-26-%E6%90%9C%E7%B4%A2%E6%8A%80%E5%B7%A7/">搜索技巧</a>
		</li>
		<li class="menu__item">
			<a class="menu__link" href="/post/2019-04-13-vim%E5%B8%B8%E8%A7%84%E4%BD%BF%E7%94%A8/">vim常规使用</a>
		</li>
		<li class="menu__item">
			<a class="menu__link" href="/post/2020-05-21-%E5%AD%A6%E4%B9%A0%E5%9B%BE/">学习图</a>
		</li>
	</ul>
</nav>

	</div>
</header>
		<div class="wrapper flex">
			<div class="primary">
			
<main class="main" role="main">
	<article class="post">
		<header class="post__header">
			<h1 class="post__title">linux用户相关基础</h1>
			<div class="post__meta meta">
<div class="meta__item-datetime meta__item">
	<svg class="meta__icon icon icon-time" width="16" height="14" viewBox="0 0 30 28"><path d="M15 0C7 0 1 6 1 14s6 14 14 14 14-6 14-14S23 0 15 0zm0 25C9 25 4 20 4 14S9 3 15 3s11 5 11 11-5 11-11 11zm1-18h-2v8.4l6.8 4.4L22 18l-6-3.8V7z"/></svg>
	<time class="meta__text" datetime="2018-09-21T00:00:00">2018-09-21</time>
</div>

<div class="meta__item-categories meta__item">
	<svg class="meta__icon icon icon-category" width="16" height="16" viewBox="0 0 16 16"><path d="m7 2l1 2h8v11h-16v-13z"/></svg>
	<span class="meta__text"><a class="meta__link" href="/categories/linux" rel="category">linux</a></span>
</div>
</div>
		</header>
<div class="post__toc toc">
	<div class="toc__title">Page content</div>
	<div class="toc__menu">
		<nav id="TableOfContents">
<ul>
<li>
<ul>
<li>
<ul>
<li><a href="#相关命令">相关命令</a></li>
<li><a href="#准备">准备</a></li>
<li><a href="#文件查看">文件查看</a></li>
<li><a href="#文件权限类型">文件权限类型</a></li>
<li><a href="#用户">用户</a></li>
<li><a href="#用户组">用户组</a></li>
<li><a href="#文件管理">文件管理</a></li>
<li><a href="#添加为超级用户">添加为超级用户</a></li>
<li><a href="#用户信息">用户信息</a></li>
<li><a href="#记录账户相关信息">记录账户相关信息</a></li>
</ul></li>
</ul></li>
</ul>
</nav>
	</div>
</div>
<div class="content post__content clearfix">
			

<h3 id="相关命令">相关命令</h3>

<ul>
<li>useradd   添加用户</li>
<li>usermod   修改用户</li>
<li>userdel   删除用户</li>
<li>passwd    修改用户密码</li>
<li>groupadd  添加用户组</li>
<li>groupmod  更改用户组</li>
<li>groupdel  删除用户组</li>
<li>chmod     改变文件的权限, SUID, SGID, SBIT等等的特性</li>
<li>chgrp     改变文件所属群组</li>
<li>chown     改变文件拥有者</li>
<li>groups    查看自己在什么群组</li>
<li>newgrp    切换群组</li>
</ul>

<h3 id="准备">准备</h3>

<ol>
<li>用docker起一个ssh服务端
<code>docker run -d --name ssh-server -p 2020:22 jdeathe/centos-ssh:centos-7</code></li>

<li><p>进入容器修改为允许使用用户名密码登录</p>

<pre><code class="language-sh"># 进入容器
docker exec -ti ssh-server-1 bash
# 修改配置
vi /etc/ssh/sshd_config # 将PasswordAuthentication的no改为yes
# 查看sshd线程 
ps aux | grep sshd
# 刷新修改，即可用默认用户名跟密码登录
kill -1 ${pid}
</code></pre></li>

<li><p>通过<code>docker logs ssh-server</code>可以查看到, 默认用户名密码</p></li>

<li><p>后面测试用户可以自行添加</p></li>

<li><p>通过<code>ssh -p 2020 username@127.0.0.1</code>登录</p></li>
</ol>

<h3 id="文件查看">文件查看</h3>

<p><code>ls -la</code> 可查看文件详情</p>

<pre><code class="language-sh">-rwx-rw-r-- 1 pdc   pdc     10 Sep 18 07:24 pdc.txt
</code></pre>

<h3 id="文件权限类型">文件权限类型</h3>

<ol>
<li>文件权限类型
r -&gt; 4 读取
w -&gt; 2 写入
x -&gt; 1 执行
1、2、4可任意组合权限为3,5,6,7等</li>
<li>文件权限组成
-rwx-rw-r&ndash;可分为4段：
1  |  2  |  3  |  4
- rwx rw- r&ndash;
1、文件类型：-为文件，d为目录(drwx-rw-r&ndash;)，l为链接(lrwx-rw-r&ndash;)，b为可随机存储设备，c为一次性读取设备如鼠标键盘
2、所属用户访问权限
3、所属用户组访问权限
4、其他用户访问权限</li>
</ol>

<h3 id="用户">用户</h3>

<ol>
<li>添加用户
<code>useradd pdc</code> - 新增用户pdc</li>
<li>修改用户
<code>usermod -a -G test pdc</code> - 添加用户pdc到test用户组</li>
<li>删除用户
<code>userdel pdc</code> - 删除用户pdc</li>
</ol>

<h3 id="用户组">用户组</h3>

<blockquote>
<p>记录在/etc/group
0-65535, gid=0为root，gid=[1-500]为系统保留，gid&gt;500为用户使用
1. 添加用户组
<code>groupadd -g 777 test</code> - 添加用户组test
2. 修改用户组
<code>groupmod -g 780 -n pdc-group pdc-test</code> - 将pdc-test群组重命名为pdc-group，并修改群组id为780
3. 删除用户组
<code>groupdel test</code> - 删除用户组test</p>
</blockquote>

<h3 id="文件管理">文件管理</h3>

<ol>
<li>修改文件权限
<code>chmod 741 test.sh</code> - 修改文件test.sh为所属用户可读写执行，所属用户组可读写，其他用户可执行
<code>chmod -R 777 ./test</code> - 修改目录及其子目录所有文件都为可读可写可执行</li>
<li>修改文件所属群组
<code>chgrp test pdc.txt</code> - 修改pdc.txt属于test群组
<code>chgrp -R web ./test</code> - 修改test文件夹属于web用户组</li>
<li>修改文件拥有者
<code>chown pdc cj.txt</code> - 修改cj.txt拥有者为pdc</li>
<li>新增文件继承自用户组
<code>chmod g+s ./test</code>  - 设置test文件夹下的新增文件属于test文件夹的用户组
<code>chown -R webuser ./test</code> - 修改文件夹所属用户</li>
</ol>

<h3 id="添加为超级用户">添加为超级用户</h3>

<blockquote>
<p>运行visudo命令
将用户添加到<code>/etc/sudoers</code>(This file must be edited with the &lsquo;visudo&rsquo; command.)</p>

<pre><code class="language-sh">## Allow root to run any commands anywhere
# 允许运行的root命令的用户
root    ALL=(ALL)       ALL

# 允许用户pdc运行哪些root命令，ALL为全部
pdc  ALL=(ALL)       /usr/bin/ls, /usr/bin/mv, /usr/bin/cat

## Allows people in group wheel to run all commands
# 允许用户组wheel下的所有用户运行root命令
%wheel  ALL=(ALL)       ALL

## Same thing without a password
# 允许用户组wheel下的所有用户运行root命令不需要密码
%wheel        ALL=(ALL)       NOPASSWD: ALL
</code></pre>
</blockquote>

<h3 id="用户信息">用户信息</h3>

<blockquote>
<p>保存在文件/etc/passwd，部分内容</p>

<pre><code class="language-sh">sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
app-admin:x:500:500::/home/app-admin:/bin/bash
pdc:x:1000:1000::/home/pdc:/bin/bash
admin:x:1002:1002::/home/admin:/bin/bash
</code></pre>
</blockquote>

<h3 id="记录账户相关信息">记录账户相关信息</h3>

<blockquote>
<p><code>/etc/shadow</code>这个文件，和<code>/etc/passwd</code>类似，用“:”分割成9个字段。</p>
</blockquote>

<ol>
<li>用户名，跟/etc/passwd对应。</li>
<li>用户密码，这个才是该账号的真正的密码，不过这个密码已经加密过了，但是有些黑客还是能够解密的。所以为了安全，该文件属性设置为600，只允许root读写。</li>
<li>上次更改密码的日期，这个数字是这样计算得来的，距离1970年1月1日到上次更改密码的日期，例如上次更改密码的日期为2012年1月1日，则这个值就是365*（2012-1970）+1=15331。</li>
<li>要过多少天才可以更改密码，默认是0，即不限制。</li>
<li>密码多少天后到期。即在多少天内必须更改密码，例如这里设置成30，则30天内必须更改一次密码，否则将不能登录系统，默认是99999，可以理解为永远不需要改。</li>
<li>密码到期前的警告期限，若这个值设置成7，则表示当7天后密码过期时，系统就发出警告告诉用户，提醒用户他的密码将在7天后到期。</li>
<li>账号失效期限。你可以这样理解，如果设置这个值为3，则表示：密码已经到期，然而用户并没有在到期前修改密码，那么再过3天，则这个账号就失效了，即锁定了。</li>
<li>账号的生命周期，跟第三段一样，是按距离1970年1月1日多少天算的。它表示的含义是，账号在这个日期前可以使用，到期后账号作废。</li>
<li>作为保留用的，没有什么意义。</li>
</ol>

		</div>
		
<div class="post__tags tags clearfix">
	<svg class="tags__icon icon icon-tag" width="16" height="16" viewBox="0 0 32 32"><path d="M32 19c0 1-1 2-1 2L21 31s-1 1-2 1-2-1-2-1L2 16c-1-1-1.4-2-1.4-2S0 12.5 0 11V3C0 1.5.8.8.8.8S1.5 0 3 0h8c1.5 0 3 .6 3 .6S15 1 16 2l15 15s1 1 1 2zM7 10a3 3 0 1 0 0-6 3 3 0 0 0 0 6z"/></svg>
	<ul class="tags__list">
		<li class="tags__item"><a class="tags__link btn" href="/tags/%E7%94%A8%E6%88%B7%E7%AE%A1%E7%90%86/" rel="tag">用户管理</a></li>
	</ul>
</div>
	</article>
</main>

<div class="authorbox clearfix">
	<div class="authorbox__header">
		<span class="authorbox__name">About pdc</span>
	</div>
	<div class="authorbox__description">
		Pdc&#39;s true identity is unknown. Maybe he is a successful engineer or doctor. Nobody knows it.
	</div>
</div>

<nav class="post-nav flex">
	<div class="post-nav__item post-nav__item--prev">
		<a class="post-nav__link" href="/post/2018-01-01-jekyll-markdown%E9%97%AE%E9%A2%98%E8%AE%B0%E5%BD%95/" rel="prev"><span class="post-nav__caption">«&thinsp;Previous</span><p class="post-nav__post-title">Jekyll markdown问题记录</p></a>
	</div>
	<div class="post-nav__item post-nav__item--next">
		<a class="post-nav__link" href="/post/2018-09-21-centos%E5%8D%87%E7%BA%A7%E5%86%85%E6%A0%B8/" rel="next"><span class="post-nav__caption">Next&thinsp;»</span><p class="post-nav__post-title">centos升级内核</p></a>
	</div>
</nav>

<section class="comments">
	<div id="disqus_thread"></div>
<script type="application/javascript">
    var disqus_config = function () {
    
    
    
    };
    (function() {
        if (["localhost", "127.0.0.1"].indexOf(window.location.hostname) != -1) {
            document.getElementById('disqus_thread').innerHTML = 'Disqus comments not available by default when the website is previewed locally.';
            return;
        }
        var d = document, s = d.createElement('script'); s.async = true;
        s.src = '//' + "chenjipdc" + '.disqus.com/embed.js';
        s.setAttribute('data-timestamp', +new Date());
        (d.head || d.body).appendChild(s);
    })();
</script>
<noscript>Please enable JavaScript to view the <a href="https://disqus.com/?ref_noscript">comments powered by Disqus.</a></noscript>
<a href="https://disqus.com" class="dsq-brlink">comments powered by <span class="logo-disqus">Disqus</span></a>
</section>


			</div>
			<aside class="sidebar"><div class="widget-search widget">
	<form class="widget-search__form" role="search" method="get" action="https://google.com/search">
		<label>
			<input class="widget-search__field" type="search" placeholder="SEARCH..." value="" name="q" aria-label="SEARCH...">
		</label>
		<input class="widget-search__submit" type="submit" value="Search">
		<input type="hidden" name="sitesearch" value="/" />
	</form>
</div>
<div class="widget-recent widget">
	<h4 class="widget__title">Recent Posts</h4>
	<div class="widget__content">
		<ul class="widget__list">
			<li class="widget__item"><a class="widget__link" href="/post/2020-06-06-%E6%B8%B8%E6%88%8F/">游戏</a></li>
			<li class="widget__item"><a class="widget__link" href="/post/2020-05-28-mysql%E4%B8%BB%E4%BB%8E/">mysql主从</a></li>
			<li class="widget__item"><a class="widget__link" href="/post/2020-05-27-mysql%E6%89%A7%E8%A1%8C%E8%AE%A1%E5%88%92/">mysql执行计划</a></li>
		</ul>
	</div>
</div>
<div class="widget-categories widget">
	<h4 class="widget__title">Categories</h4>
	<div class="widget__content">
		<ul class="widget__list">
			<li class="widget__item"><a class="widget__link" href="/categories/bigdata">Bigdata</a></li>
			<li class="widget__item"><a class="widget__link" href="/categories/hadoop">Hadoop</a></li>
			<li class="widget__item"><a class="widget__link" href="/categories/install">Install</a></li>
			<li class="widget__item"><a class="widget__link" href="/categories/java">Java</a></li>
			<li class="widget__item"><a class="widget__link" href="/categories/linux">Linux</a></li>
			<li class="widget__item"><a class="widget__link" href="/categories/markdown">Markdown</a></li>
			<li class="widget__item"><a class="widget__link" href="/categories/monitor">Monitor</a></li>
			<li class="widget__item"><a class="widget__link" href="/categories/search">Search</a></li>
			<li class="widget__item"><a class="widget__link" href="/categories/tips">Tips</a></li>
			<li class="widget__item"><a class="widget__link" href="/categories/%e6%95%b0%e6%8d%ae%e5%ba%93">数据库</a></li>
			<li class="widget__item"><a class="widget__link" href="/categories/%e6%b8%b8%e6%88%8f">游戏</a></li>
		</ul>
	</div>
</div>
<div class="widget-taglist widget">
	<h4 class="widget__title">Tags</h4>
	<div class="widget__content">
		<a class="widget-taglist__link widget__link btn" href="/tags/awk" title="Awk">Awk (1)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/centos" title="Centos">Centos (1)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/github" title="Github">Github (1)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/google" title="Google">Google (1)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/hadoop" title="Hadoop">Hadoop (1)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/hdfs" title="Hdfs">Hdfs (1)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/hugo" title="Hugo">Hugo (1)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/java" title="Java">Java (1)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/jekyll" title="Jekyll">Jekyll (1)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/mongodb" title="Mongodb">Mongodb (3)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/mysql" title="Mysql">Mysql (4)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/spring" title="Spring">Spring (1)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/vim" title="Vim">Vim (1)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/yarn" title="Yarn">Yarn (1)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/%e4%bc%91%e9%97%b2" title="休闲">休闲 (1)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/%e5%b7%a5%e5%85%b7" title="工具">工具 (1)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/%e7%94%a8%e6%88%b7%e7%ae%a1%e7%90%86" title="用户管理">用户管理 (1)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/%e7%9b%91%e6%8e%a7" title="监控">监控 (1)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/%e8%b5%84%e6%96%99" title="资料">资料 (1)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/%e8%bd%ac%e5%8f%91" title="转发">转发 (1)</a>
		<a class="widget-taglist__link widget__link btn" href="/tags/%e8%bd%af%e4%bb%b6" title="软件">软件 (1)</a>
	</div>
</div>
<div class="widget-social widget">
	<h4 class="widget-social__title widget__title">Social</h4>
	<div class="widget-social__content widget__content">
		<div class="widget-social__item widget__item">
			<a class="widget-social__link widget__link btn" title="GitHub" rel="noopener noreferrer" href="https://github.com/chenjipdc" target="_blank">
				<svg class="widget-social__link-icon icon icon-github" width="24" height="24" viewBox="0 0 384 374"><path d="m192 0c-106.1 0-192 85.8-192 191.7 0 84.7 55 156.6 131.3 181.9 9.6 1.8 13.1-4.2 13.1-9.2 0-4.6-.2-16.6-.3-32.6-53.4 11.6-64.7-25.7-64.7-25.7-8.7-22.1-21.3-28-21.3-28-17.4-11.9 1.3-11.6 1.3-11.6 19.3 1.4 29.4 19.8 29.4 19.8 17.1 29.3 44.9 20.8 55.9 15.9 1.7-12.4 6.7-20.8 12.2-25.6-42.6-4.8-87.5-21.3-87.5-94.8 0-20.9 7.5-38 19.8-51.4-2-4.9-8.6-24.3 1.9-50.7 0 0 16.1-5.2 52.8 19.7 15.3-4.2 31.7-6.4 48.1-6.5 16.3.1 32.7 2.2 48.1 6.5 36.7-24.8 52.8-19.7 52.8-19.7 10.5 26.4 3.9 45.9 1.9 50.7 12.3 13.4 19.7 30.5 19.7 51.4 0 73.7-44.9 89.9-87.7 94.6 6.9 5.9 13 17.6 13 35.5 0 25.6-.2 46.3-.2 52.6 0 5.1 3.5 11.1 13.2 9.2 76.2-25.5 131.2-97.3 131.2-182 0-105.9-86-191.7-192-191.7z"/></svg>
				<span>GitHub</span>
			</a>
		</div>
		<div class="widget-social__item widget__item">
			<a class="widget-social__link widget__link btn" title="Email" href="mailto:chenjipdc@gmail.com">
				<svg class="widget-social__link-icon icon icon-mail" width="24" height="24" viewBox="0 0 416 288"><path d="m0 16v256 16h16 384 16v-16-256-16h-16-384-16zm347 16-139 92.5-139-92.5zm-148 125.5 9 5.5 9-5.5 167-111.5v210h-352v-210z"/></svg>
				<span>chenjipdc@gmail.com</span>
			</a>
		</div>
	</div>
</div>
</aside>
		</div>
		<footer class="footer">
	<div class="container footer__container flex">
		
		<div class="footer__copyright">
			&copy; 2020 pdc.
			<span class="footer__copyright-credits">Generated with <a href="https://gohugo.io/" rel="nofollow noopener" target="_blank">Hugo</a> and <a href="https://github.com/Vimux/Mainroad/" rel="nofollow noopener" target="_blank">Mainroad</a> theme.</span>
		</div>
	</div>
</footer>
	</div>
<script async defer src="/js/menu.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.5/MathJax.js?config=TeX-AMS-MML_HTMLorMML" async></script>
</body>
</html>